1. Field of the Invention
The present invention relates generally to a private key generation apparatus and method, encryption, decryption and signature methods based on the method, and storage media storing programs for executing the methods on a computer and, more particularly, to private a private key generation apparatus and method in which key generation units are configured to be hierarchical, encryption, decryption and signature methods based on the method, and storage media storing programs for executing the methods on a computer.
2. Description of the Related Art
Recently, with the development of computer technology and the rapid expansion of communication networks, the security of computer-related resources and data to be sent has attracted attention as an important issue. A scheme for overcoming this problem is an encryption-based system. An encryption system that has made the greatest contribution up to the present is a public key encryption system. The conventional public key system has difficulty managing the certificates of public keys because the public keys of users should be authenticated in advance and certificates with problems should be discarded even before the expiration of their periods of validity. Accordingly, an identity (ID)-based encryption system based on personal IDs was proposed.
The public key-based encryption system uses a method of determining a private key and then computing a public key. In contrast, the ID-based encryption system uses a method of selecting an ID and then computing a private key based on the ID. In this case, a private key generator (PKG) computes the private key based on the ID and issues the private key via a private channel.
Since the conventional ID-based encryption system has the disadvantage of slow processing at a client end, a Trapdoor Discrete Logarithm (TDL)-based new ID-based encryption system was proposed. This TDL-based new ID-based encryption system also has the disadvantage of the slow issuance of private keys. Accordingly, the present invention proposes a new technology that has both efficiency at a user end (client end) and the efficiency of the issuance of keys.
Prior art related to the new technology will now be described. Korean Patent Application Publication No. 2005-0037723 entitled “Method of Distributing Conference Session Keys in Identity Information-based Encryption System” discloses a method of selecting two different temporary private keys, generating a message, and performing a protocol using the temporary private key of a session initiation entity when generating a session key generation variable. This method includes the step of implementing an identity information-based encryption system and the step of performing a key sharing protocol. The identity information-based encryption system is formed of a system for providing signatures. The present invention is different from this prior art technology in that entities for generating private keys are configured to be hierarchical, thereby attempting to reduce the time it takes for a sub-private key generation unit to generate a private key.
Furthermore, Korea Patent Application Publication No. 2011-0117169 entitled “Method and Apparatus for Performing ID-based Authenticated Key Protocol” discloses an ID-based authenticated key agreement protocol that does not undergo a private key escrow problem. This technology is directed to an ID-based authenticated key agreement protocol, and is different from the present invention that allows entities for generating private keys to be hierarchical.